.\" $NetBSD: audit-system.8,v 1.2 2008/07/05 19:07:21 adrian_p Exp $
.\"
.\"
.Dd July 4, 2008
.Os
.Dt AUDIT-SYSTEM 8
.Sh NAME
.Nm audit-system
.Nd show vulnerabilities in system, utilities and libraries
.Sh SYNOPSIS
.Nm
.Op Fl duv
.Sh DESCRIPTION
The
.Nm
program compares the programs, utilities, libraries and kernel with the
.Pa system-vulnerabilities
file and reports any known security issues to standard output.
This output contains the name and version of the vulnerable component, the
type of vulnerability, and a URL for further information for each
vulnerability.
.Pp
The following flags are supported:
.Bl -tag -width Ar
.It Fl d
.Nm
will attempt to download the vulnerabilities
file before scanning
the system for vulnerabilities.
.It Fl u
.Nm
will only download the
.Pa system-vulnerabilities
file
.It Fl v
Set verbose mode.
.Nm
will warn when the system vulnerabilities file is more than a week old.
.El
.Pp
The
.Nm
program downloads this file from
.Pa ftp://ftp.NetBSD.org/pub/NetBSD/misc/agc/audit-system/system-vulnerabilities
using
.Xr @FETCH_TOOL@ 1 .
This vulnerabilities file documents all known security issues in
.Nx
the system
and is kept up-to-date by the
.Nx
security-officer team.
.Pp
Each line lists the component and vulnerable versions, the type of exploit,
and an Internet address for further information:
.Bl -item
.It
.Aq package pattern
.Aq type
.Aq url
.El
.Pp
The type of exploit can be any text, although
some common types of exploits listed are:
.Bl -bullet -compact -offset indent
.It
cross-site-html
.It
cross-site-scripting
.It
denial-of-service
.It
file-permissions
.It
local-access
.It
local-code-execution
.It
local-file-read
.It
local-file-removal
.It
local-file-write
.It
local-root-file-view
.It
local-root-shell
.It
local-symlink-race
.It
local-user-file-view
.It
local-user-shell
.It
privacy-leak
.It
remote-code-execution
.It
remote-command-inject
.It
remote-file-creation
.It
remote-file-read
.It
remote-file-view
.It
remote-file-write
.It
remote-key-theft
.It
remote-root-access
.It
remote-root-shell
.It
remote-script-inject
.It
remote-server-admin
.It
remote-use-of-secret
.It
remote-user-access
.It
remote-user-file-view
.It
remote-user-shell
.It
unknown
.It
weak-authentication
.It
weak-encryption
.It
weak-ssl-authentication
.El
.Pp
By default, the vulnerabilities file is stored in the
@SYSVULNDIR@
directory.
This can be changed by defining the environment variable
.Ev SYSVULNDIR
to the directory containing the vulnerabilities file.
.Sh EXIT STATUS
.Ex -std audit-system
.Sh FILES
@SYSVULNDIR@/system-vulnerabilities
.Pp
@PKG_SYSCONFDIR@/audit-system.conf
.Sh EXAMPLES
The
.Nm
utility can be run via
.Xr cron 8
(or with
.Nx Ap s
.Pa /etc/security.local
daily security script).
.Pp
.Sh SEE ALSO
.Xr ftp 1 ,
.Xr audit-packages pkgsrc ,
.Xr audit-system.conf 5 ,
.Sh HISTORY
The
.Nm
command was originally implemented by
.An Alistair Crooks
on October 6, 2006.
